
I have seen a lot of questions about cPanel on the cloud and several people were having issues getting it going. I wrote this guide for myself a while back and thought I would share it with you. I have had my server up and running for about 1 year now. If you have any questions, please do not hesitate to ask.

There are some parts where I could not put code in the code tag. It would generate a url that would not allow you to copy+paste. If you see any errors, please let me know and I will change it in the post.

I have included in this post some extra server hardening and some extra software that I found useful. Please do not assume that your server is fully hardened using this guide. I would recommend googling "Server Hardening".

After install is complete, go to Configure ClamAV Scanner under Plugins and enable Scan Mail. Then click Save.

Set an SSH Legal Message

Code:

nano /etc/motd

Enter the following into the file.

Code:

ALERT! You are entering a secured area! Your IP and login information
have been recorded. System administration has been notified.
This system is restricted to authorized access only. All activities on
this system are recorded and logged. Unauthorized access will be fully
investigated and reported to the appropriate law enforcement agencies.

You should be set up and ready to go with your new server! Please let me know if there is anything else that needs to be edited.

Rackspace Cloud has a very nice and cozy small forum for all their customers and users to submit and vote for ideas and feedback, such as features they want but are currently not available, or improvements / fixes that need to be done to make the cloud a better product.

You can read through all the ideas and requests as well as the comments to get an idea of what Rackspace Cloud is like and how it is doing in the eyes of their current customers and users. How the company is responding to this invaluable input is also an important factor in deciding whether to go with them or not.

It worked the first time. The only changes I made were to set the script with the proper variables for my site.

Then I went ahead and modified the scripts so I had 7 days of daily backups and created a second script and cron job for 8 weeks of weekly backups. What is great about this script is I can set the frequency of the Cron jobs such that I tested the full run in one day. I set the daily script to run every 5 minutes and the weekly script every hour.

Sacha Chua is a lovely girl hacker who knows computers, manages her own Linux server and develops in Emacs. She used to be on Rackspace Cloud Servers but later moved to Linode because the price is cheaper there. Both are unmanaged, which means you have to be the server administrator all on your own.

Here’s a very comprehensive review of Rackspace Cloud that deals with many different aspects of the cloud hosting provider, such as products offered, support, performance, reliability, documentation and resources, etc. It’s a bit old but it’s still true in many ways as an introductory guide for people who are new to or want to know about Rackspace Cloud.

Happy holidays and welcome to Rack Review! This monthly digest features new product updates, combined with news and tips to help make your Rackspace® experience a rewarding one.

Cloud Networks Now Available
Cloud Networks is a powerful new addition to the open cloud that provides you with the ability to create isolated, layer 2 networks that look like traditional networks in both architecture and function – simplifying networking in the cloud. With the click of a button, you are now able to create software-defined networks allowing you to enhance the network security for your Cloud Servers™, creating sub-nets and controlling the traffic that flows between servers. Learn more.

Send and Receive Email in Your App for FREE
A few months ago, Rackspace acquired Mailgun, making it easy for you to send, receive and track emails through your websites and applications via the RESTful API or SMTP. Mailgun is the email automation engine trusted by over 10,000 developers who are sick of fighting with email servers. With sample code written in all of the most popular languages, like Ruby, PHP, Python, C# and Java, integration is easy. All Rackspace customers receive a $19/month credit for Mailgun services (use coupon code mg4rackspace). That’s enough to send up to 19,000 emails per month at no cost to you! Visit Mailgun to sign up.

Manage the Rackspace Open Cloud with the New Windows 8 App
We are offering you a new application that gives you the option to manage your Rackspace Cloud account directly from Microsoft’s newly-launched Windows 8 operating system. This free application can help you get even more out of your investment in the Rackspace Cloud by allowing you to manage your Cloud Servers directly from Windows 8. Learn more.

Help Protect Your VMware Virtual Machines with Replication
You need to have the ability to recover business-critical virtual machines (VMs) and restart the important apps in the event of a data center outage or unplanned downtime. Geographical redundancy is a key component to any sound disaster recovery (DR) strategy, and it’s a must-have for when disaster strikes. Read how VM Replication helps protect and recover Rackspace-hosted VMs by easily and affordably replicating VMs between our data centers.

Protect Servers Using Bastion Hosts and Isolated Cloud Networks
The public Internet can be a scary place for servers. Log files of servers attached to public addresses will show regular port scans and URL snooping. These log entries are the inescapable reminder that your hosts are always one misconfiguration away from disaster. We can help! We have created a guide that will teach you how to create a bastion host and an isolated cloud network so you can reduce the number of servers that have to encounter these threats. Learn more on our DevOps blog.

NoSQL Explained
For over thirty years, relational database technology has been the gold standard. Modern workloads and unprecedented data volumes, however, are driving businesses to look at alternatives to the traditional relational database. This “NoSQL movement” has given rise to a host of non-relational-database technologies, designed for large-capacity storage and scalability. We’ve taken some time to explain some of the popular options available for NoSQL.

Caching for the Holidays
Around the holidays, getting cash for a gift might make you think that the person didn’t put a lot of thought into your present. However, in the world of server configurations, giving cache to your customers is probably one of the best things you can do. Learn more about caching.

25 Most Influential Executives of 2012
Our own Lanham Napier, Rackspace CEO, was on the list of “The 25 Most Influential Executives of 2012.” See the full list here.

Tired of Email Management Hassles? Make the Move Now with Free Hosted Microsoft® Exchange Migrations
Tired of the headache of managing your own Exchange email server? Or worse, dealing with an unreliable or unresponsive provider? For a limited time, we are offering free email migrations (up to 250 Exchange mailboxes) when you sign up for a new Rackspace Hosted Exchange account. Our reliable, business-class Exchange hosting takes email off of your worry list, so you can stay focused on your business, while we manage your email. Learn more about our migration services. (Offer ends December 31, 2012)

Join Us in the Fight Against Patent Trolls
Fed up with patent trolls? So are we. Find out what we’re doing to help keep technologies out of the claws of patent trolls. And, better yet, join us in the fight. Find out more.

Start Using SharePoint® 2013 Today
We are glad to offer you two ways to get your own SharePoint 2013 site up and running today. The first option is the free trial, where you can get 45 days to explore and experience SharePoint 2012. Sign up for this limited time offer. The second option is to create your own Cloud Server with SharePoint 2013 and SQL Server 2012 images, ideal for project-based SharePoint deployments. To do this, simply go to the Cloud Control Panel and choose one of the available SharePoint images to get started right away.

Cloud Databases now has reduced network latency, which can solve DNS resolution issues. You can apply this enhancement to your Cloud Database by restarting each instance via the API or the Cloud Control Panel.

Looking for extra help to reach your goals in the cloud? Visit the Rackspace Cloud Tools Marketplace to find a catalogue of third-party-developed applications designed for the Rackspace open cloud. This month’s featured partners are:

SOASTA – Load and Performance Testing Solution
SOASTA CloudTest is an end-to-end integrated platform, available as a turnkey on-demand service for external, web-scale testing and as on-premise editions for use by testers behind the firewall. Cloud testing easily enables fast, low-cost testing at full web-scale, providing the confidence that the web or mobile application or site can withstand daily load in addition to the largest peaks and surges in traffic.

Papertrail – Detect & Avoid Infrastructure Problems
Papertrail helps detect, resolve and avoid infrastructure problems using log messages. Aggregate and manage log messages from Cloud Servers, Managed Hosting, Hybrid Hosting, and other servers — both flat files and syslog. Setup takes a minute, then tail, search, react, analyze and archive.

Several of my ASP.NET web applications on Cloud create large numbers of log files on a fairly regular basis and it is necessary for me to prune those logs from time to time. Because ASP.NET in medium trust can’t talk to the /logs folder which automatically purges itself every 6 days, I built a Python script which will automatically delete all files older than a specified time interval within a given directory.

If you need this functionality, just save the script, update the path accordingly and set up a cron job to call it. The code below is set to delete files older than 7 days (7 * 86400); customize as needed. Enjoy!
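The script itself did not survive on this page. The following is an added example, not the poster's original code: a pruning routine of the kind described, using the same 7 * 86400 window. It assumes the log directory may be writable by the web application, so it deletes only regular files and never follows symlinks; the function name and the script name in the usage comment are hypothetical.

```python
import os
import stat
import sys
import time

MAX_AGE_SECONDS = 7 * 86400  # the 7-day window mentioned in the post


def prune_old_files(directory, max_age=MAX_AGE_SECONDS, now=None, dry_run=False):
    """Remove regular files under `directory` whose mtime is older than max_age.

    Returns the sorted list of paths removed (or, with dry_run, that would be).
    """
    now = time.time() if now is None else now
    root = os.path.realpath(directory)
    removed = []
    # followlinks=False: never descend into a symlinked directory
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: inspect the link itself, not its target
            except FileNotFoundError:
                continue  # file disappeared between listing and stat
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and other non-regular files
            if now - st.st_mtime <= max_age:
                continue  # still inside the retention window
            if not dry_run:
                try:
                    os.remove(path)
                except OSError:
                    continue  # locked or not permitted: leave it for the next run
            removed.append(path)
    return sorted(removed)


if __name__ == "__main__":
    # Usage (hypothetical script name): python prune_logs.py /path/to/logs [--dry-run]
    for p in prune_old_files(sys.argv[1], dry_run="--dry-run" in sys.argv[2:]):
        print(p)
```

Run it once with --dry-run from the cron account to confirm the list of files before letting it delete anything.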

Yep, I linked too fast. I linked to a thread on getting the IP address for SSL, which is related, but different.

You may want to take note of it though, because you may at some point want to get the IP address of your visitors, and ServerVariables("REMOTE_ADDR") won’t work; you’ll need the HTTP_X_FORWARDED_FOR variable if you are on SSL.

=========== Answer 5 ===========

Hi,

I am using URLRewriter, an open source module. Following is the script I use

Ok, so I’ve been doing some research on nginx, and how to use it with PHP and I’ve come up with something fast, simple, and a method that just works with extras like APC, memcached, and ImageMagick. You can also add ffmpeg, or w/e…since you have the phpize function.

Configure, and of course make and install it! (Of course you can change the configuration if you’d like)
./configure --with-http_ssl_module --sbin-path=/usr/local/sbin --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module && make build install

Let’s enable memcached, which is optional…
vi /etc/default/memcached
Change no to yes
Save and close

Now in your nginx configuration file, which is located at /usr/local/nginx/conf/nginx.conf, you need to edit that to let nginx know, “Hey I got PHP dude, please run PHP for me, thnx” so use this conf file, and of course you can change it how you want, make sure you have that.

And that’s it! Everything should work without question, lol. I’ve done this 34038940 times.. Of course I’m exaggerating about the number, but still it just works. Pheww I’m done typing. Any questions? Just ask away!

This is awesome, thank you! I was in the process of writing a cloud server set up guide for our company’s reference, and you just saved me a load of work.

Dave
Productiontrax.com

=========== Answer 2 ===========

Great Article! I’ll pass it along to our Technical Writer and see if we can get this included into the KB.

That said, one thing I would recommend is to make sure everything is enabled via chkconfig so that it starts itself up in the event that you reboot your server. This will solve a few headaches in troubleshooting in the event that you have an issue that requires a reboot. I know it’s typically done automatically, but it is always a good idea to double check!

=========== Answer 3 ===========

Thanks!

Of course I could have added MySQL along with all of this to make it complete with database support and fine tuned, but I didn’t think it was necessary. :/

If you want to set up accounts for subdomains of your main account, they MUST be created in the same “client” as the main domain.

i.e. “this.domain.com”, “that.domain.com” as accounts when you own “domain.com”

The control panel will allow you to create the domain – but it will fail and you will need support to remove the accounts as the delete also fails.

This once was possible to do, but in the last month, changes were made to stop it from happening – but not to stop us from entering it. (I have some sub-domains in a different client account I did months ago that worked).

The recent change is due to “security” I have been told. More like a coding mistake!

This message reads like one of those pass this email on messages or the world will blow up!!!

Anyway, if you want to set up a subdomain for a client – you can no longer have separate “client” billing. Thanks Mosso!

=========== Answer 1 ===========

just tested this again today. doh, i was hoping to separate the sub domains so they are not in the same ftp and therefore more secure but it's not possible.

=========== Answer 2 ===========

Yep.

I actually had some subdomains I had created before they imposed this restriction in different accounts. I ended up having to delete them and recreate them in the same account as the master domain.

I wonder though? If there was no master domain – only subdomains – would the restriction apply then? And what to do with the master domain? Set it up as a forward to a selected subdomain….

In the past, I would park a subdomain on top of a clients domain I was designing so they could access and see their domain before it went into production. Or just create a subdomain to test a new CMS or technology – keeping it separate from the main account. Not any more!

=========== Answer 3 ===========

yes, i used to do something similar. maybe it is for a security reason, it's kinda annoying though.

=========== Answer 4 ===========

It is NOT for security reasons as I want to have separate accounts for each subdomain BECAUSE OF security reasons, and RS doesn't let me do that.

=========== Answer 5 ===========

It is NOT for security reasons as I want to have separate accounts for each subdomain BECAUSE OF security reasons, and RS doesn't let me do that.

And I need to have subdomains into separate accounts, because on same account they are vulnerable if ANY of the subdomains get hacked, then ALL your subdomains and main domain could be accessed-hacked too easily then.